Discussion:
Losing network connectivity - Is there a virus on my system ?
(too old to reply)
Manish Jain
2016-07-25 16:54:06 UTC
Permalink
Hi,

I am using FreeBSD 10.2 amd64, with Win XP as a backup OS. Since
yesterday, I am experiencing a strange situation. Internet connectivity is
lost every 10-15 minutes. 'ping www.freebsd.org' starts reporting 100%
packet loss. If I run 'service netif restart', ping reports "No route to
host".

The only way to fix the problem is to reboot into XP where internet works
okay. Then I reboot into FreeBSD, where things are okay too - for 10 or
minutes, after which the story gets played again.

Is it possible that somebody has hacked my system to place some malicious
code somewhere to make the system behave like this ? Or is somebody on the
ISP's side doing funny things to bring my internet down ?

Any help would be greatly appreciated.

Thanks
Manish Jain
Matthew Seaman
2016-07-25 17:13:20 UTC
Permalink
On 2016/07/25 17:54, Manish Jain wrote:
> I am using FreeBSD 10.2 amd64, with Win XP as a backup OS. Since
> yesterday, I am experiencing a strange situation. Internet connectivity is
> lost every 10-15 minutes. 'ping www.freebsd.org' starts reporting 100%
> packet loss. If I run 'service netif restart', ping reports "No route to
> host".

Try mtr instead of ping (in ports) -- it shows you /where/ the packets
are being lost. 'netstat -i' is also a good thing to check. If there
are any packet errors, particularly if they are going up over time, then
there's a physical problem somewhere on your local network. Frequently
this is due to bad ethernet cables, but it could be some more expensive
bit of hardware going wonky.

Also, you need to do:

service netif restart && service routing restart

to completely refresh your network interfaces. Not restarting the
routing explains at least part of what you're seeing.

This sort of problem is almost never down to malfeasance -- the black
hats would typically rather have control over your fully working
hardware and will frequently try and avoid doing anything that would
lead to being discovered. Most likely it's a software configuration
problem, or failing that, hardware failure.

Cheers,

Matthew
Dutch Ingraham
2016-07-25 22:30:33 UTC
Permalink
> Sent: Monday, July 25, 2016 at 12:54 PM
> From: "Manish Jain" <***@hotmail.com>
> To: "FreeBSD Questions" <freebsd-***@freebsd.org>
> Cc: Polytropon <***@edvax.de>
> Subject: Losing network connectivity - Is there a virus on my system ?
>
> Hi,
>
> I am using FreeBSD 10.2 amd64, with Win XP as a backup OS. Since
> yesterday, I am experiencing a strange situation. Internet connectivity is
> lost every 10-15 minutes. 'ping www.freebsd.org' starts reporting 100%
> packet loss. If I run 'service netif restart', ping reports "No route to
> host".
>
> The only way to fix the problem is to reboot into XP where internet works
> okay. Then I reboot into FreeBSD, where things are okay too - for 10 or
> minutes, after which the story gets played again.
>
> Is it possible that somebody has hacked my system to place some malicious
> code somewhere to make the system behave like this ? Or is somebody on the
> ISP's side doing funny things to bring my internet down ?
>
> Any help would be greatly appreciated.

Sounds like a timeout; have you checked whether there
is a re-leasing problem (if you are using dhcp, that is)?
Manish Jain
2016-07-25 22:46:42 UTC
Permalink
On Tue, Jul 26, 2016 at 4:00 AM, Dutch Ingraham <***@gmx.us> wrote:
Sounds like a timeout; have you checked whether there is a re-leasing problem (if you are using dhcp, that is)?


It's strange. After I wrote to freebsd-questions, the FreeBSD box has generally remained connected, except for once when rebooting FreeBSD (into FreeBSD itself, not XP) fixed the problem.

I am not using DHCP, at least for my IPv4 address. About IPv6, I have no idea. The relevant line in rc.conf is :

ifconfig_re0_ipv6="inet6 accept_rtadv"

Even if I were using DHCP, 'service netif restart' should logically take care of the re-leasing.

Thanks for replying.
Manish Jain
Loading...